Manage Users

The Firebase Admin SDK provides an API for managing your
Firebase Authentication users with elevated privileges. The admin user management API
gives you the ability to programmatically complete the following tasks from a
secure server environment:

Create new users without any throttling or rate limiting.

Look up users by different criteria such as uid, email or phone number.

This method returns a UserRecord
object for the user corresponding to the uid provided to the method.

If the provided uid does not belong to an existing user or the user cannot be
fetched for any other reason, the above method throws an error.
For a full list of error codes, including descriptions and
resolution steps, see Admin Auth API Errors.

In some cases you will have a user's email instead of their uid. The Firebase
Admin SDK supports looking up user information with an email:

Go

This method returns a UserRecord object for the
user corresponding to the email provided.

If the provided email does not belong to an existing user or the user cannot be
fetched for any other reason, the Admin SDK throws an error.
For a full list of error codes, including descriptions
and resolution steps, see Admin Authentication API Errors.

Warning: For email lookup, you can only search the main (top level) email and
not provider specific emails. For example, if a Facebook account with a
different email facebookUser@example.com is linked to an existing user with
email user@example.com, calling getUserByEmail("facebookUser@example.com")
will yield no results whereas getUserByEmail("user@example.com") will return
the expected user. In the case of the default "single account per email"
setting, the first email used to sign in with will be used as the top level
email unless modified afterwards. When "multiple accounts per email" is set, the
main email is only set when a password user is created unless manually updated.

In other cases, you will have a user's phone number instead of their uid. The
Firebase Admin SDK supports looking up user information with a phone number:

Go

This method returns a UserRecord object for the
user corresponding to the phone number provided.

If the provided phone number does not belong to an existing user or the user
cannot be fetched for any other reason, the Admin SDK throws an error.
For a full list of error codes, including descriptions
and resolution steps, see Admin Authentication API Errors.

Create a user

The Admin SDK provides a method that
allows you to create a new Firebase Authentication user. This method accepts an
object containing the profile information to include in the newly created
user account:

By default, Firebase Authentication will generate a random uid for the new user. If
you instead want to specify your own uid for the new user, you can include it
argument passed to the user creation method:

The user's raw, unhashed password. Must be at least six characters long.

displayName

string

The users' display name.

photoURL

string

The user's photo URL.

disabled

boolean

Whether or not the user is disabled. true for disabled;
false for enabled. If not provided, the default is
false.

Note: All of the above properties are optional. If a certain property is not
specified, the value for that property will be empty unless a default is
mentioned in the above table.

The user creation method returns a UserRecord object for the
newly created user.

If the provided uid, email or phone number is already in use by an existing
user or the user cannot be created for any other reason, the above method fails
with an error. For a full list of error codes, including
descriptions and resolution steps, see Admin Authentication API
Errors.

Update a user

The Firebase Admin SDK facilitates modifying an existing user's data. You need
to specify a uid along with the properties to update for that user:

If the provided uid does not correspond to an existing user, the provided
email or phone number is already in use by an existing user, or the user cannot
be updated for any other reason, the above method fails with an
error. For a full list of error codes, including descriptions and resolution
steps, see Admin Authentication API Errors.

Go

The delete user method returns an empty result when the deletion completes
successfully.

If the provided uid does not correspond to an existing user or the user cannot
be deleted for any other reason, the delete user method throws an error.
For a full list of error codes, including descriptions
and resolution steps, see Admin Authentication API Errors.

List all users

The Firebase Admin SDK allows retrieving the entire list of users in batches:

Python

# Start listing users from the beginning, 1000 at a time.
page = auth.list_users()
while page:
for user in page.users:
print('User: ' + user.uid)
# Get next batch of users.
page = page.get_next_page()
# Iterate through all users. This will still retrieve users in batches,
# buffering no more than 1000 users in memory at a time.
for user in auth.list_users().iterate_all():
print('User: ' + user.uid)

Each batch of results contains a list of users and the next page token used to
list the next batch of users. When all the users have already been listed, no
pageToken is returned.
This API also returns the passwordSalt and passwordHash hashed by the
Firebase Auth backend if the user is a password user.

If no maxResults field is specified, the default 1000 users per batch is used.
This is also the maximum number of users allowed to be listed at a time. Any
value greater than the maximum will throw an argument error.
If no pageToken is specified, the operation will list users from the
beginning, ordered by uid.